﻿using System;
using System.Collections.Generic;

using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Web.Profile;
using System.Web.Security;

using Gift.DAL;


namespace WebSite.admin.user
{
    public partial class AddAdmin : BaseAdmin
    {

        DALInstitution theInstitution = new DALInstitution();
        // Methods
        protected void ImageButton1_Click(object sender, ImageClickEventArgs e)
        {
            bool isSuper = false;
            int iInstitutionId = 0;
            if (LoginAdminUser.IsSuper)
            {
                isSuper = this.cbxSuper.Checked;
                if (string.IsNullOrEmpty(this.ddlInsititution.SelectedItem.Value))
                {
                    iInstitutionId = 0;
                }
                else
                {
                    iInstitutionId = int.Parse(this.ddlInsititution.SelectedItem.Value);
                }
            }

            if ((re.replace(this.txtUser.Text) == "") || (re.replace(this.txtPwd.Text) == ""))
            {
                base.Response.Write("<script language='javascript'>;alert('登录名称和密码不能为空');</script>");
            }
            else if (re.replace(this.txtPwd.Text) != re.replace(this.txtPwd2.Text))
            {
                base.Response.Write("<script language=javascript>;alert('密码不相同');</script>");
            }
            else if (base.Request.QueryString["uid"] != null)
            {
              
                string str2;
                DataTable table = SQLAccess.GreatDs("SELECT AdminPwd FROM DB_adminlogin where Adminid=" + base.Request.QueryString["uid"] + "").Tables[0];
                if (re.replace(this.txtPwd.Text).ToString() == table.Rows[0]["AdminPwd"].ToString())
                {
                    str2 = re.replace(this.txtPwd.Text);
                }
                else
                {
                    str2 = FormsAuthentication.HashPasswordForStoringInConfigFile(re.replace(this.txtPwd.Text), "MD5");
                }
                SQLAccess.DoSql("update DB_adminlogin set AdminUser='" + re.replace(this.txtUser.Text) + "',AdminPwd='" + str2
                    + "',AdminName='" + re.replace(this.txtName.Text) 
                    +"',IsSuper=" + isSuper.ToString()
                    + "',InstitutionId=" + iInstitutionId.ToString()
                    + ",AdminFlag=1,AdminDesc='" + re.replace(this.txtDesc.Text) + "' where Adminid=" + base.Request.QueryString["uid"] + "");
                base.Response.Write("<script language='javascript'>;alert('修改成功');window.location.href='AdminList.aspx';</script>");
            }
            else
            {
                DataTable table2 = SQLAccess.GreatDs("SELECT AdminId FROM DB_adminlogin where AdminUser='" + re.replace(this.txtUser.Text) + "'").Tables[0];
                if (table2.Rows.Count > 0)
                {
                    base.Response.Write("<script>alert('对不起，此用户已存在，请用别的用户名');</script>");
                }
                else
                {
                    SQLAccess.DoSql("insert into DB_adminlogin(AdminUser,AdminPwd,AdminName,AdminFlag,AdminDesc,InstitutionId,IsSuper) values ('" + re.replace(this.txtUser.Text) + "','" 
                                                                                                                           + FormsAuthentication.HashPasswordForStoringInConfigFile(re.replace(this.txtPwd.Text), "MD5") + "','" 
                                                                                                                           + re.replace(this.txtName.Text) + "',1,'" + re.replace(this.txtDesc.Text) + "',"
                                                                                                                           + iInstitutionId.ToString() +"," + isSuper.ToString() + ")");
                    base.Response.Write("<script language='javascript'>;alert('添加成功');window.location.href='AdminList.aspx';</script>");
                }
            }
        }

        protected void Page_Load(object sender, EventArgs e)
        {

            if (!IsPostBack)
            {
                if (LoginAdminUser==null || !LoginAdminUser.IsSuper)
                {
                    base.ValidateLoginRule(Gift.Model.ENUM.ERule.AddAdmin);
                }
                this.BindInstitution();
                if (base.Request.QueryString["uid"] != null)
                {
                    this.upbind();
                    this.Label1.Text = "修改会员";
                }
            }
        
        }

        private void upbind()
        {
            string sql = "select top 1 * from DB_Adminlogin where Adminid=" + base.Request.QueryString["uid"];
            DataTable table = new DataTable();
            table = SQLAccess.GreatDs(sql).Tables[0];
            this.txtUser.Text = table.Rows[0]["AdminUser"].ToString();
            this.txtName.Text = table.Rows[0]["AdminName"].ToString();
            this.txtPwd.Text = table.Rows[0]["AdminPwd"].ToString();
            this.txtPwd2.Text = table.Rows[0]["AdminPwd"].ToString();
            this.txtDesc.Text = table.Rows[0]["AdminDesc"].ToString();
        }


        void BindInstitution()
        {
            if (LoginAdminUser.IsSuper)
            {
                DataSet ds;
                ds = theInstitution.GetList(" 1= 1 and IsEnable = 1");
                this.ddlInsititution.DataTextField = "Name";
                this.ddlInsititution.DataValueField = "Id";
                this.ddlInsititution.DataSource = ds;
                this.ddlInsititution.DataBind();
                this.ddlInsititution.Items.Insert(0, new ListItem("所属公司", ""));
            }
            else
            {
                this.trInsitution.Visible = false;
                this.trSuper.Visible = false;
            }

        } 
       
    }
}